package com.qfedu.shirodemo.realm;

import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;

/**
 * @author 水杯
 * @date 2020-08-19 21:46
 */
public class CustomRealm2 extends AuthorizingRealm {
    /**
     * 认证
     * @param authenticationToken
     * @return
     * @throws AuthenticationException
     */
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        //假设数据库中获取出来的用户名和密码是
        String username="helen";
        String  password="123456";
        //判断用户名
//        UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
//        String usernameInput=token.getUsername();
        String usernameInput=(String)authenticationToken.getPrincipal();
        if(!usernameInput.equals(username))
        {
            throw new UnknownAccountException("用户名不存在");
        }
        //判断密码
        String passwordInput=new String((char[])authenticationToken.getCredentials());
        if(!passwordInput.equals(password))
        {
            throw new UnknownAccountException("密码不正确");
        }
        //拿到认证信息
        SimpleAuthenticationInfo info = new SimpleAuthenticationInfo(username, password, this.getName());
        return info;


    }

    /**
     * 授权
     * @param principalCollection
     * @return
     */
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        String username=(String) principalCollection.getPrimaryPrincipal();
        System.out.println("用户信息"+username);
        //查询数据库
        //获取权限
        //获取角色
        return null;
    }


}
